Monday, February 06, 2012

LDAP Provisioning - Error code 50 with Active Directory

I've been testing Express Provisioning with our product and was getting a console error from our application server:


ERROR [LdapExpressProvisioningProcessor] There was an error provisioning the user. Insufficient privileges provided: javax.naming.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
]; remaining name 'CN=john,CN=Users,DC=dev,DC=global'

I had to do some queries on Google but found that I had to change the permissions for the user I logged in with to the LDAP datastore.

For Active Directory I had add the user to Administrators. That was accomplished by right-clicking on the user, selecting Properties and then selecting Member Of. I typed in Administrators and added that group to the user and then was able to accomplish provisioning to LDAP accounts on the Active Directory server.

Exploring ELK (Elastic) Stack for hack-a-thon

At my current gig, our group finally got to do hack-a-thon week and I joined a team project that tied together a few of the technologies I&#...